﻿<?php 
error_reporting(E_ERROR|E_PARSE);
session_start();
if($_SESSION["islogin"]!=='igiveyouthepower'){
echo "<script language=JavaScript>\r\n";
echo "alert('请先登录!');\r\n";
echo "location.href='../index.php'\r\n";
echo "</script>";
}else{
require_once('../config.php');
?>
<?php 
$conn = mysqli_connect($cfg_dbhost,$cfg_dbuser,$cfg_dbpwd,$cfg_dbname);
$action=($_GET["action"]);
$id=intval($_GET["id"]);
if($_POST['id']<>''){$ID_Dele=implode(",",$_POST['id']);}
$upccode=$_POST["upc"];
$user_name=$_SESSION["managername"];
$ndate=date("Y-m-d",time());
if($action=='add'){
$sql = "INSERT INTO ph_upc(upccode,user_name,ndate)VALUES('".$upccode."','".$user_name."','".$ndate."')";
mysqli_query($conn,$sql);
echo "<script language=JavaScript>\r\n";
echo "alert('新增成功!');\r\n";
echo "location.href='list.php'\r\n";
echo "</script>";
}

if($action=='del'){
if($ID_Dele<>''){
$sql = "delete from ph_upc where id in(".$ID_Dele.")";
mysqli_query($conn,$sql);}
if($id<>''){
$sql = "delete from ph_upc where id ='".$id."'";
mysqli_query($conn,$sql);}
echo "<script language=JavaScript>\r\n";
echo "alert('删除成功!');\r\n";
echo "location.href='list.php'\r\n";
echo "</script>";
}
?>
<?php }?>